Re: Local DoS on single_open?

From: viro
Date: Thu Sep 11 2003 - 02:29:56 EST

Next message: viro: "Re: Local DoS on single_open?"
Previous message: Keith Owens: "Re: Local DoS on single_open?"
In reply to: Keith Owens: "Re: Local DoS on single_open?"
Next in thread: viro: "Re: Local DoS on single_open?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 11, 2003 at 05:04:48PM +1000, Keith Owens wrote:
> On Thu, 11 Sep 2003 14:51:09 +1000,
> Nick Piggin <piggin@xxxxxxxxxxxxxxx> wrote:
> >Keith Owens wrote:
> >
> >>single_open() requires the kernel to kmalloc a buffer which lives until
> >>the userspace caller closes the file. What prevents a malicious user
> >>opening the same /proc entry multiple times, allocating lots of kmalloc
> >>space and causing a local DoS?
> >>
> >>
> >
> >ulimit?
>
> ulimit has no effect on kmalloc usage.

You do realize that struct file is also kmalloc'ed? So are dentries and
inodes, for that matter. It's the same situation as with pipes and sockets.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: viro: "Re: Local DoS on single_open?"
Previous message: Keith Owens: "Re: Local DoS on single_open?"
In reply to: Keith Owens: "Re: Local DoS on single_open?"
Next in thread: viro: "Re: Local DoS on single_open?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]